Don't get me wrong, this really is a bad article

Story: 2009: software installation in GNU/Linux is still broken -- and a path to fixing itTotal Replies: 28
Author Content
tuxchick

Jun 24, 2009
9:51 PM EDT
'Don't get me wrong'--- Those fatal words that signal a "yes but" piece of meh.

You can install multiple different versions of the same app with both apt and yum by having multiple repos configured, and then selecting specific versions to install. There are a few other tweaks you need to do so that updates don't stomp older versions. I don't know if this creates problems over time, but I've done it with a few apps without creating dependency problems.

Don't need root anymore? Fine, let's be like Windows and Mac and fling the door open to malware by breaking basic separation of privileges that has worked well for decades. Even better, let's be like Windows and require that users either have elevated privileges so in effect they're running as admin all the time, or take away their admin privileges and then you have to logout and log back in as admin to do anything. Wheee fun is the Windows way!

Quoting: It’s not trivial to “give” a program to a friend. To the end user, giving a program to a friend should be as simple as dragging an icon onto a memory stick; instead, files are scattered all over the system.


Um, copy the RPM or deb, which will be cached locally by Yum or apt so you don't even need Internet?

Quoting: It should be possible to download and install software even though it doesn’t come from an official repository


It already is. Duh. The great value of distribution repos is ease, consistency and authenticity. I don't know about all distros, but the major ones all sign their packages with GPG keys which are checked automatically by the package manager. You can add third-party repos until your head explodes. You can download and install debs, RPMs, and source tarballs to your heart's content. What the heck more can anyone want? The article author seems to want a Mac with its very limited ways of doing anything.

There is one thing I agree with, sort of:

Quoting: Every GNU/Linux distribution at the moment (including Ubuntu) confuses system software with end user software, whereas they are two very different beasts which should be treated very, very differently.


They should be labeled differently. I would like to do a an 'apt-cache search foo' and see only application names, rather than every related lib-whatever. Most apps install files in the system's root directory, or need elevated privs for certain functions, so how can that be jiggered to not need root permissions? I know one way-- package an app as a giant static binary. Drop it into $home, give it executable permissions, and away you go. I suppose the next step is to enable auto-execution so that poor dumb lusers don't need to take that extra chmod+x step, and then Linux can be just like Windows and provide a warm, unhindered welcome to all kinds of random stray binaries! And then we can be members in the giant happy World Wide Botnet, and enjoy wasting gobs of money on anti-malware apps.

And some apps still need elevated privileges to work at all, for example networking utilities. You know how Macs and Windozes handle this-- ordinary users need to run with elevated privileges all the time.

This latest rash of 'don't get me wrong, I love Linux except everything about it needs to be different' articles are annoying. Package management in Linux is so danged good and easy it takes real effort to turn it into a liability.

chalbersma

Jun 24, 2009
10:12 PM EDT
idk but the only point that he might have is that non root users can't install software. Unfortunately they can. Just install to your home directory and add the various bin and lib directories to your various personal paths. I'm still not sure what he's mad about. If he want a package manager that instal software without root access why doesn't he just write one. It would be tough but if the system seems that broken to you...
caitlyn

Jun 24, 2009
10:47 PM EDT
You know there are legitimate things to complain about. Software installation? It's not one of them. With the major distros you have a large, well stocked repo. Its one stop shopping. Point. Click. It installs and you're done. Many distros have non-free or multiverse or whatever to handle proprietary apps. Even itty bitty Vector Linux has a package that's really just a script to install Skype directly from the vendor so that it doesn't violate the licensing. Point. Click. Install and you're done.

You need root privileges? Heck, in Ubuntu you can just enter your password since sudo is setup by default to give the first user root privileges. What could be easier? What does the author want? An utter lack of security like Windows? Thanks but no thanks.

Third party software not in a repo is no problem either. Download, open file manager, and usually it's point and click again. Works for OpenOffice or Firefox or whatever. You don't need to do separate packages for separate distros if you do it right. Here's an example: I have a Lightscribe capable DVD/CD burner. Software from LaCie or HP is proprietary. Thay make one rpm available for all distros. I've installed it info Ubuntu or Vector Linux or whatever with no problems. Yes, I had to know about alien for Ubuntu. Vector supports rpm out of the box. Gee... that was tough... NOT! Not for the ISV and not for the user.

Isn't FSM the same "magazine" that whined about being shutdown because they chose a hosting company known for making things easy for scammers and kiddie porn sites? Maybe we were better off when they were shut down.

Oh, and did anyone else notice how the author dismisses anyone who disagrees with him as "in denial". Tony is right and everyone else is wrong. Got it.
tracyanne

Jun 24, 2009
11:03 PM EDT
It's my computer, so why in the world would I want 1) to install software other than in the normal install directories and 2) allow anyone else to install arbitrary software

Setting up repositories is trivially easy, anyone who has access to web and knows how to use a search wngine can 1) locate the exact information, and if they are capable of doing at least that then it's trivially simple to copy paste the necessary peice of text to either the repository (sources in Ubuntu) management gui, or drop it into the cli and whatch the magic happen.

All that is required is that they WANT TO DO IT.

Far too many people are afraid to try, because they have been taught that they can't.
tuxchick

Jun 24, 2009
11:22 PM EDT
Quoting: You know there are legitimate things to complain about.


Indeed, so why is there so much complaining about the good stuff?

BTW I have Debian Lenny on my main workstation now, PCLinuxOS on my laptop and gf's computer, and 64 Studio on my photo/audio recording computer. Performance and stability are great so far, we're getting work done instead of fighting with K/Ubuntu. The only PC that K/Ubuntu ran OK on was my main workstation, and Debian is noticeably peppier even on that. So is that "too many distributions!! Oh noes!!" or a wealth of riches?
cabreh

Jun 25, 2009
2:28 AM EDT
Personally I thought the argument for installing software for a single user was one of the weakest arguments of the piece. Of course it was hard to pick which was the weakest. :)

This was obviously written by someone who either is or was a Windows user. Probably has the computer boot right up to the desktop without a password. And everyone uses the same login. Or at least has no family. Otherwise what would be the reason for wanting to install maybe three copies of the same software for three different users?

The whole point of a good multi-user OS is you install once for many. If you use the computer as a single user system and if you have children they get to browse the same p0rn sites you could. With individual users you can put on controls. The whole argument of making Linux as stupidly designed as Windows is just foolishness in my eyes.
hkwint

Jun 25, 2009
6:20 AM EDT
In the other thread http://lxer.com/module/forums/t/29233/ (last post) I already told 'Autopackage' has almost all the features Tony wants. Just found out Autopackage is an 'active project' again (seems there was a hiatus). Should try to mail Mr. Mobily.
jdixon

Jun 25, 2009
6:39 AM EDT
> Unfortunately they can. Just install to your home directory and add the various bin and lib directories to your various personal paths.

Yep. You may even be able to run a chrooted system to eliminate any potential library version conflicts. I know chroot is available to users in Slackware, I can't speak for other distros.

> Software installation? It's not one of them.

Agreed completely.

> The whole point of a good multi-user OS is you install once for many.

And as I tried to point out in another thread, most home computers are multiuser, whether they're set up that way or not.
hkwint

Jun 25, 2009
6:43 AM EDT
OK, registered at FSM, though no mail as of yet to confirm the registering process. Hmm, need patience.
bigg

Jun 25, 2009
6:52 AM EDT
I will just add to the valid points already made that his comments about Gobo (a) don't make sense, and (b) are wrong.

He's arguing that the file system shouldn't be changed because it's been that way a long time and users would be upset if you change it. Don't the same arguments apply to, say, the way Linux software is distributed?

Second, Gobo does not change the file system. It actually uses symbolic links to eliminate the need for a package manager.

It seems like he simply doesn't want to admit that what he wants done has already been done.
caitlyn

Jun 25, 2009
10:36 AM EDT
Quoting:I know chroot is available to users in Slackware, I can't speak for other distros.


Every major Linux distro and most minor ones have chroot. Some niche distros that aim to be really tiny don't but everything else does.
theboomboomcars

Jun 25, 2009
10:50 AM EDT
Has this guy tried to get and install commercial Linux software? I bought World of Goo. The offered the download as a DEB, RPM or tar.gz. Since I use ubuntu I selected the DEB downloaded it, clicked on it, entered my password because I did in fact want to install it and then it installed. It even put the launch icon into the games section of the applications menu.

How is this process broken or even different from installing software on Windows, other than it asked for a password to ensure I have the authority to install software?

Installing software from the repos is an even better experience.
krisum

Jun 25, 2009
11:50 AM EDT
Quoting: I know chroot is available to users in Slackware, I can't speak for other distros. ... Every major Linux distro and most minor ones have chroot. Some niche distros that aim to be really tiny don't but everything else does.
I think the comment was not about chroot being available, rather being available for use to normal users. By default it is available only to superuser in most distros.
caitlyn

Jun 25, 2009
12:01 PM EDT
You also have sudo in most distros, which means that all the user needs to know to use chroot is their own password. Again, a non-issue.
jdixon

Jun 25, 2009
12:24 PM EDT
> Every major Linux distro and most minor ones have chroot.

> ...rather being available for use to normal users.

Exactly. I expect that on most systems it's only available to root. Slackware is rather more liberal in that regard than most distros. Of course, if sudo is set up to let you run anything you want, it doesn't matter. Whether that's an optimal way to set up sudo is another discussion.
Sander_Marechal

Jun 25, 2009
4:03 PM EDT
Quoting:You also have sudo in most distros, which means that all the user needs to know to use chroot is their own password. Again, a non-issue.


It's a non-issue to begin with. A user has root access or not. It doesn't matter if he is allowed root access directly or through sudo.
tracyanne

Jun 25, 2009
9:03 PM EDT
Well if Linux is broken, then Windows is twice.. thrice as broken. I've just had the unfortunate experience of setting up some beta sites on Windows 2008 "Server". For starters it's a bloody glorified desktop machine, there's zillions of settings for improving the Desktop "experience", effing file extensions are hidden by default, just like on the Windows Desktop, and finding the means of changing this (Folder Options under tools on the Windows Explorer menus) is hidden (the menus don't display) untill you manage to track down the almost equally well hidden System Stteings and change the desktop 'experience" to 'adjust for best performance'.

Actually creating the beta sites was quite easy once you get past the stupidity of passing off a desktop Operating System as a Server.
jdixon

Jun 25, 2009
9:04 PM EDT
> For starters it's a bloody glorified desktop machine...

From what I've heard, it makes a much better desktop than Vista. :)
caitlyn

Jun 25, 2009
9:07 PM EDT
Quoting:From what I've heard, it makes a much better desktop than Vista. :)


That isn't saying much.

Tracyanne hits the nail on the head... again. She's good at that, you know.
Steven_Rosenber

Jun 25, 2009
9:23 PM EDT
Any of us who have ever maintained (or just tried to bring back from the dead) the Windows boxes of our friends/co-workers/others can probably agree that allowing the average user to install their own applications only leads to heartache, pain and bricked systems.

The security built into most Linux distributions along with the repository concept is the only thing saving us from barbarism.
krisum

Jun 26, 2009
12:14 AM EDT
Both rpm and deb allow for a --root option to setup an installation in a separate directory (the deb's one though requires root permissoins).
tracyanne

Jun 26, 2009
4:20 AM EDT
Quoting: From what I've heard, it makes a much better desktop than Vista. :)


Back around 98,99, 2000 I worked for a company where we used NT4 Server and Win2000 Advaced Server as Desktops, because thwy gave us access to all the useful tools. But I was under the misapprehension , probably due to articles on ZDnet claiming that Windows Server was becoming much more like a Linux Server in order to make it more desirable to Linux/Unix Sysadmins, That Win 2008 Server was... well a real server. Silly me.

I'm still trying to work out what the issue is with needing to install arbitrary applications on my Linux box, anywhere other than in the /usr tree. I mean it's my computer, I don't want anyone else installing software on it, anywhere. So in what way does being able to install to somewhere other than /usr make my computer any easier to use. Being able to install applications to arbitrary places in the file system on Windows, doesn't make Windows easier to use, in fact it makes no difference, and instead clutters up the filesystem, making it difficult to find things. None of the people I've moved from Windows to Linux have any problems with the concept of entering a password to install software or enable updates/security patches, I explained to them that this is what keeps their computer secure and free from Viruses, so that they never have to deal with anti virus software again, they are quite happy with that. I can't see how allowing them to install arbitrary applications into say their home directory, makes the system any safer, or necessarily easier to use. I've had them install .debs by double clicking on the file, and having them install using gdebi (on Mandriva urpmi does the same thing with less gui bling), what could be easier.

Allowing the installation of applications into the user directory tree with normal user permissions, seems, to me, to be a solution in search of a problem.
gus3

Jun 26, 2009
11:05 PM EDT
Quoting:the only point that he might have is that non root users can't install software. Unfortunately they can. Just install to your home directory and add the various bin and lib directories to your various personal paths.
Custom executables are easily denied by adding "noexec" to the /home entry in /etc/fstab. (Only after 2.4.25/2.6.0.)
tuxchick

Jun 26, 2009
11:14 PM EDT
Quoting: the only point that he might have is that non root users can't install software. Unfortunately they can. Just install to your home directory and add the various bin and lib directories to your various personal paths.

Custom executables are easily denied by adding "noexec" to the /home entry in /etc/fstab. (Only after 2.4.25/2.6.0.)


The thing that bothers me the most about these kinds of articles is they're not really complaining about defects in Linux, or bugs, or anything that is actually broken. They're either uninformed and griping about missing features that actually exist, or they're griping that things are not done the "right" way, which is either the Mac way, the Windows way, or the telepathic way because god forbid users should have to learn anything. This one should join the Lunduke WhineClub, preach to members, and quit bothering sensible people.
caitlyn

Jun 27, 2009
10:09 AM EDT
Linux isn't just like Windows or just like Mac. There is definitely a group of people out there who want a free as in no cost or free as in freeloader version of Windows or MacOSX. They were somehow led to believe that is what Linux provides. What their complaints amount to is not having their totally unrealistic expectations met.
gus3

Jun 27, 2009
10:22 AM EDT
Do Windows XP and Vista let users modify %PATH% and %DLLPATH%?

Conversely, do XP and Vista have a "noexec" equivalent volume option?
jdixon

Jun 27, 2009
11:11 PM EDT
> There is definitely a group of people out there who want a free as in no cost or free as in freeloader version of Windows or MacOSX.

For Windows, I'd say point them to ReactOS, but it doesn't deserve that headache.

> Do Windows XP and Vista let users modify %PATH% and %DLLPATH%?

I can't speak for Vista, as I don't have a machine to check, but %PATH% is simply an environmental variable, and yes Windows does let you change it. I'm not aware of any version of Windows which lets you specify a DLL path.

> do XP and Vista have a "noexec" equivalent volume option?

Not that I'm aware of, but I've never really looked into the matter.
tracyanne

Jun 28, 2009
12:10 AM EDT
Quoting: Conversely, do XP and Vista have a "noexec" equivalent volume option?


Not that I'm aware of. I've worked on really locked down Windows machines (Australian Tax Office) and I was always able to execute any arbitrary software I was able to sneak onto my machine. Getting it onto the machine was the most difficult part, as one could not simply download it. One could not even email oneself an executable, even zipped, as that was checked for and disallowed, and removed from the email.

I got round those restrictions by writing my own version of base 64 that didn't parse intelligibly in a standard base 64 parser, and extracted files encoded with my base 64 back to the executable after emailing them to myself.

Based on that experience, I'd have to say no, because if that were possible, given that the ATO had gone to so much expense to block the execution of arbitrary code, that had such a thing been possible they would have done it.
gus3

Jun 28, 2009
12:18 AM EDT
Yikes, I just looked into DLL path searching... what a nightmare. But I see no %DLLPATH% envvar. Oh well.

Posting in this forum is limited to members of the group: [ForumMods, SITEADMINS, MEMBERS.]

Becoming a member of LXer is easy and free. Join Us!